Enterprise Networking Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
The goal of any computer virus is to infect a victim’s device with code that creates problems for the system and the user. Viruses can alter or delete files, cause malfunctions, grant access by a hacker, steal data, or render a device completely unusable.
How do computer viruses work, and how can users detect and remove them? Most fall into a few main categories and include common signs and symptoms. This article will run through the basics to help you better recognize and defend against viruses.
Table of Contents
How do computer viruses work?
Computer viruses use different execution methods and infection strategies. But the typical chain of events starts with a deceptive tactic that tricks someone into giving the virus access to their device. It then executes and begins causing damage.
Computer viruses are a specific category of malware with self-replicating behavior. Viruses can do many different things to victims’ devices, but one thing they almost always do is continuously spread the virus to more files and devices on the network.
The National Council on Identity Theft Prevention estimates that 560,000 new malicious programs are discovered daily. Millions are out there, but they all usually fall into one of a few main categories. Understanding the signs and symptoms can help users protect themselves and their devices.
What are the signs of a computer virus?
Some viruses create popups, force-redirect the user, trigger error messages or cause a full system crash. These symptoms usually happen when the virus executes and are hard to miss. Legitimate apps can also cause crashes or errors, but you should always investigate when these things happen, just in case.
Other viruses are meant to go unnoticed, at least for a while. They cause less noticeable symptoms, but there are still signs users can look for. Some will delete files, install new apps, cause abnormally slow computer performance, slow browser performance or overtax the computer’s hard drive. Certain viruses can even cause antivirus programs to malfunction.
Non-malicious sources, such as outdated hardware, can also cause some of these symptoms. Hackers hope people write off subtle but persistent signs of a computer virus as having these sorts of natural causes. That’s why it’s important to always investigate any unusual behavior or performance issues.
How computer viruses spread
Hackers’ most common methods to spread computer viruses involve misleading or tricking unsuspecting users. This can happen through phishing scams, websites and apps, unsecured Wi-Fi networks, or physical storage devices.
Phishing pages and messages
One of the most common data breach causes is phishing attacks, which are often used for credential theft. They increased 61% in 2022, with a 50% increase in attacks targeting mobile devices.
Phishing involves tricking users into clicking on a malicious link, downloading an attachment or sharing personal information. Common formats include scam websites and malicious emails.
Disguised apps and websites
Computer viruses can also be spread through seemingly harmless content. A hacker might advertise a free game, movie, or popular app or program. Users that download the content also unknowingly install a virus.
One particularly dangerous type of fake software is scareware, a virus transmission method that disguises itself as antivirus software. The most common sign of scareware is a popup warning the user of an imminent security threat. Scareware is designed to leverage panic at the thought of getting a computer virus. People are told to “click here” or purchase a program to “fix” their device.
USB thumb drives
Physical media can also be used to spread viruses. A hacker might install a virus on a USB thumb drive and leave it in a coffee shop for someone to plug into their device.
Hackers use digital channels to spread viruses much more commonly than physical ones. Both are dangerous, but digital methods are typically more efficient for spreading a virus.
Unsecured Wi-Fi networks
Wi-Fi networks can also be used to spread computer viruses. This transmission method is similar to how human viruses are spread through the air.
Poorly secured Wi-Fi networks accessed by hackers can distribute a virus to other devices on the network. Everything is vulnerable to exploitation, even the router.
Users can employ several strategies to protect their Wi-Fi networks, such as encryption and regular router updates. It’s also a good idea to turn off any remote network management features, which could make it easier for a hacker to exploit.
Better yet, connect using a virtual private network (VPN) to tunnel your activity through a more secure, private connection. Best of all, avoid using unsecured Wi-Fi whenever possible; if in doubt, connect using your mobile carrier network either on your mobile device or using a hotspot.
6 types of computer viruses
Most people have heard terms like ransomware, malware, or spyware. They describe a wide variety of computer viruses. Many fall into one of six categories depending on how they execute on victims’ devices: resident, macro, boot sector, polymorphic, overwrite, or rootkit.
1. Resident virus
Resident viruses exploit devices’ RAM to root into a computer. They are designed with the assumption that the victim’s antivirus program might detect the malicious code.
To get around this, hackers program the resident virus to store versions of itself in the memory files of different applications. That way, it can still run even if the original version is detected and deleted.
2. Macro virus
A macro virus or scripting virus exploits a macro, which is a simplified command connected to the app’s assembly language code. Examples include commands, keystrokes, or keyboard shortcuts that can directly manipulate a system.
Hackers hide macro viruses in files like Microsoft Word documents or PDFs. Once downloaded and opened, the file inserts malicious code into a legitimate macro in the designated application. The malicious code will run every time the app uses that macro.
Macro viruses can delete or corrupt files and insert more dangerous malware. They behave much like Trojan horse malware and can even be used to distribute it.
3. Boot sector virus
Boot sector viruses target a device’s master boot record (MBR). Deleting or compromising this data will render the device’s hard drive nonfunctional.
Boot sector viruses are commonly found on malicious USB thumb drives. Most modern PC hard drives are designed with safeguards against boot sector viruses, but users should still be careful. These viruses run on the sector of hard drive data that opens first when the computer is booted up. Once infected, it’s almost impossible to turn on the computer without the virus executing.
4. Polymorphic virus
Polymorphic viruses are one of the hardest types to catch. They’re designed to rewrite themselves repeatedly so antivirus programs can’t detect them. They do this by changing their program’s signature or decryption routine, which can trick antivirus programs into thinking the virus has been eliminated when it actually just has a new signature.
Polymorphic viruses can automatically update as often as every 10 minutes. They are typically combined with larger malware or ransomware programs.
5. Overwrite virus
Overwrite viruses or file infectors destroy the data on the victim’s files, overwriting it with the virus’s information. These viruses are most often spread through malicious downloads or fake software online. Once downloaded, they execute when the user opens the infected file. They can also force a computer to spread the virus to other devices.
Overwrite viruses are more common with some files than others, such as those with the .exe or .com extensions. They can also be transmitted through malicious email attachments.
6. Rootkit virus
Rootkit viruses install a program on victims’ computers, allowing a hacker to control the device. They’re designed to evade detection by antivirus programs since they install at the deepest levels of the operating system (OS).
Hackers can use a rootkit virus to manipulate victims’ devices. They can delete or plant files, steal data and personal information, or make the computer do something without the owner’s permission. They’re typically used to form botnets for distributed denial-of-service (DDoS) attacks.
How to prevent computer viruses
Although no method is 100% successful at preventing viruses, users can take steps to prevent their devices from being infected. First and foremost, it’s always a good idea to install trusted and up-to-date antivirus software.
Do plenty of research before purchasing and installing any antivirus software. (Our guide to the best enterprise antivirus software is a great place to start!) Remember, hackers sometimes use scareware disguised as an antivirus program to get viruses onto victims’ devices.
Never open a link or download an attachment from a suspicious or unsolicited email. Similarly, be careful about downloading programs or files online, particularly on public sharing sites like forums. Avoid using memory drives unless you are absolutely sure of their origin. And be wary about going to unsecured websites, which you can usually catch because they begin with http:/ instead of https (the “s” stands for “secure”).
Computer virus removal
Unfortunately, removing a virus from a computer usually isn’t easy. Users should start by downloading a trustworthy, legitimate antivirus program if they don’t already have one. You can then scan your device, which will identify any security threats. Some programs can remove malware automatically.
With viruses that are harder to root out, users may need to completely recover or reinstall their OS to eliminate the malware. This will usually completely wipe non-OS data on the PC. Don’t copy the information onto an external hard drive if it’s not backed up, as this will likely replicate the virus.
You should also report the incident to authorities. This helps law enforcement personnel keep track of cybercrime and prevent more devices from being infected. Users can contact several organizations, including the Department of Justice and the Federal Trade Commission.
Bottom line: Protecting against computer viruses
Computer viruses continue to be prevalent today, and more sophisticated and dangerous than ever before. The first step to protecting your devices is knowing the signs of malicious programs and websites. Preventing infection is all about understanding the tactics hackers use to spread these programs. Users should stick to trusted websites online and update their antivirus software to protect their devices and data.
We reviewed the best antivirus software for enterprises—here’s what we found.
